export default {
  vulnerable: 'Vulnerable',
  causes: 'Causes',
  solutions: 'Solutions',
  compare: 'Compare',
  title: 'Title',
  message: 'Message',
  vulnerableFinish: 'The vulnerability has been completed!',
  vulnerableSingleReset: 'The vulnerability has been reset!',
  vulnerableReset: 'All holes have been reset.',

  // XSS
  'xss.insertScript':
    'NodeJS+Webpack-based front-end applications simply inserting <script> tags no longer achieve the effect of an attack',
  'xss.cause':
    'Cross-Site Scripting, is generated by web applications that do not filter user input sufficiently. Attackers use web site vulnerabilities to inject malicious scripting code (usually including HTML code and client-side Javascript scripts) into web pages, and when other users browse these pages, they will execute the malicious code, which may take various attacks such as cookie data theft, session hijacking, phishing and other attacks on the victim user.',
  'xss.compare':
    'Web applications based on the front-end and back-end separation architecture, usually packaging tools (such as Webpack) come with CSP filtering, so inserting <script> tag has no effect, usually needs to use events for injection, and commonly used applications or UI frameworks have anti-XSS filtering for user input, so preventing XSS is the main syntax to prevent danger and control.',
  'xss.solutions.1':
    'We validate the output, i.e., we validate the content when it needs to be displayed, so that we can adopt different protection schemes according to different environments.',
  'xss.solutions.2':
    'The core principle of XSS protection is validation. We can do this preferentially by using encoding. By encoding, we mean converting keywords that some browsers recognize (e.g. < and >) to avoid misinterpretation by browsers.',
  'xss.solutions.3':
    'The content of the user is detected. Here, we can use blacklist and whitelist rules. Blacklisting is often the most straightforward method we think of: since the hacker wants to insert <javascript> tags, we detect the presence of user content in.',
  'xss.solutions.4':
    'In the face of a very common problem like XSS, W3C proposed CSP (Content Security Policy) to improve the security of the Web. The so-called CSP is to add a Content-Security-Policy option to the HTTP header returned by the server, and then define the whitelist domain name of the resource. The browser will then recognize this field and restrict access to non-whitelisted resources.',
  'xss.solutions.5':
    "Be extremely careful about the use of dangerous directive attributes for front-end frameworks (such as Vue's v-html directive or the dangerouslySetInnerHTML attribute in React), and if necessary (such as rich text), be sure to control them safely.",

  'xss.reflect.title': 'Please enter your name:',
  'xss.reflect.response': 'Response:',
  'xss.reflect.welcome': 'Welcome, ',
  'xss.reflect.tips': 'Why not try to insert tags?',

  'xss.dom.title': 'Please select your favorite language:',
  'xss.dom.tips': 'Pay attention to the URL change!',

  'xss.href.title': 'Please enter your favorite URL:',
  'xss.href.response': 'Response:',
  'xss.href.favoriteWebsite': 'Your favorite website is:',
  'xss.href.tips': 'It seems that returned hyperlink can be used?',

  'xss.store.title': 'Please leave your message:',
  'xss.store.message': 'User Message:',
  'xss.store.tips':
    'Maybe you can insert some weird stuff into the database (Maybe there is more than XSS here)...',

  // CSRF
  'csrf.cause':
    'CSRF (Cross-site request forgery) cross-site request forgery: the attacker induces the victim to enter a third-party website, in the third-party website, to send a cross-site request to the attacked website. The main reasons for the CSRF vulnerability: 1, all parameters of the request can be determined, 2, the request is not strictly audited.',
  'csrf.compare':
    'Front and back-end not separated architecture usually use url hops to send requests and through the cookie-session mechanism for state retention, while the front and back-end separation framework using AJAX technology to send requests without causing a page refresh, for state retention is usually added in the request header auth parameters, there are many different mechanisms, X-target uses JWT for authentication and state retention.',
  'csrf.solutions.1':
    'Check the Referer field: There is a Referer field in the HTTP header that identifies the address from which the request originated. In general, when dealing with sensitive data requests, the Referer field should be located under the same domain name as the address of the request. The server receiving the request determines whether the Referer header of the request is a normal page to send the request to, and if not, then intercepts it.',
  'csrf.solutions.2':
    "Add check token: Since the essence of CSRF lies in the attacker tricking the user into visiting the address they set, the attacker can no longer run CSRF attacks if the request for access to sensitive data requires the user's browser to provide data that is not stored in a cookie and that the attacker cannot forge as a check. This data is usually a data item in a form. The server generates and attaches it to the form, and its content is a pseudo-random number. When the client submits a request through the form, this pseudo-random number is also submitted for validation. In a normal visit, the client browser can correctly get and pass back the pseudo-random number, while in a spoofing attack via CSRF, the attacker has no way to know the value of the pseudo-random number in advance, and the server rejects the suspicious request because the value of the check token is empty or incorrect.",
  'csrf.solutions.3':
    'Captcha: Before sending a request, you need to enter a server-side judgment-based captcha, the mechanism is similar to Token, the defense of CSRF effect is very good, but the user-friendliness of this method is very poor.',

  'csrf.low.tips': 'Try to reconstruct the request.',

  'csrf.mid.tips': 'Is it possible to find the token field?',

  // SQLI
  'sqli.cause':
    'SQL injection is to take the original URL, form field or data packet input parameters of a Web page, modify and splice them into SQL statements, pass them to the Web server, and then pass them to the database server to execute database commands. If the developer of the Web application does not filter or verify the data or cookies entered by the user (i.e., there is an injection point) and transmits them directly to the database, the spliced SQL may be executed to obtain information about the database as well as to withdraw power, and a SQL injection attack may occur.',
  'sqli.compare':
    'The front-end and back-end coupling architecture is to query the database through url parameters and then render the page, while the front-end and back-end separation architecture is not to render the page with data directly, but to send a request for database request through user operation to return JSON/XML data and render it to the page through JS. Although SQL injection is mainly a server-side vulnerability, the front-end should also be filtered for input.',
  'sqli.solutions.1':
    'Filter the variables passed inside the SQL statement and do not allow dangerous characters to be passed in.',
  'sqli.solutions.2': 'Use Parameterized (Parameterized Query or Parameterized Statement).',
  'sqli.solutions.3':
    'Using the ORM framework, there are many ORM frameworks will automatically use parameterization to solve the injection problem, but it also provides a "splicing" approach, so you need to be careful when using!',
  'sqli.solutions.4':
    'Avoid using dynamic SQL, avoid putting user input data directly into SQL statements, it is better to use prepared statements and parameterized queries, which are safer.',
  'sqli.solutions.5':
    'Restricting database permissions and privileges sets the functionality of the database user to the minimum required, which will limit the actions that an attacker can perform if they manage to gain access.',

  'sqli.string.title': 'Search user info by username',
  'sqli.string.tips':
    'You can try to insert something after the user ID to query something extra...',

  'sqli.number.title': 'Search user info by user ID',
  'sqli.number.tips':
    'You can try to insert something after the username to query something extra...',

  // RCE
  'rce.cause':
    'RCE (Remot Command/Code Execute), remote command/code execution, is an attack that allows an attacker to remotely inject operating system commands or code directly into a background server to control the background system. Generally, this vulnerability occurs because the application system is designed to provide users with an interface for specifying remote command operations. For example, on the web management interface of our common routers, firewalls, intrusion detection and other devices. Generally, the user will be provided with a ping web interface, the user enters the target IP from the web interface, and after submission, the background will perform a ping test on the IP address and return the test results. If the designer does not make strict security controls when completing this function, it may cause an attacker to submit unexpected commands through this interface, so that the background executes, thereby controlling the entire background server.',
  'rce.compare':
    'RCE holes in front and back side before and after the coupling structure and separation architecture of dangerous degree is different, in front and back end coupling framework is more dangerous, to eval (), for example: because the page is rendered by the server end, so to command injection can back to show to the client, the attacker can more easily to invade. Separation of framework in front and back end, is not easy to command injection results back to show to the client page, but also should pay attention to the possibility of being attacked.',
  'rce.solutions.1': "Don't try to use the eval assert dangerous command execution function, etc.",
  'rce.solutions.2': 'If use risk function, must be strictly the content of the input filter.',
  'rce.solutions.3': 'Try not to let the user control parameters.',

  'rce.ping.title': 'Please enter target IP that you want to ping:',
  'rce.ping.tips': "You can take advantage of the '&'",

  'rce.exec.title': 'Try to enter the JS statements, and then go look on the server side.',
  'rce.exec.tips': 'Try not to use the eval (), this API is dangerous!',

  // FILE
  'file.cause':
    'File upload function is very common in web applications, for example, many websites need to upload avatar, upload attachments, etc. when registering. When the user clicks the upload button, the backend will judge whether the uploaded file is of the specified type, suffix, size, etc., and then rename it according to the designed format and store it in the specified directory. If the backend does not make any security judgment on the uploaded files or the judgment conditions are not strict enough, the attacker may upload some malicious files, such as a one-word Trojan horse, which will lead to the backend server being webshelled.',
  'file.solutions.1': 'Verify the file type, suffix name, and size.',
  'file.solutions.2': 'Verify how the file is uploaded.',
  'file.solutions.3': 'Rename files with some complexity.',
  'file.solutions.4': 'Do not expose the path to the file after it is uploaded.',

  'file.download.title': 'Click to download:',

  'file.upload.tips': 'It seems to bypass verification?',

  'file.download.tips': 'The RCE vulnerability can be exploited to obtain the directory structure.',

  // BURST
  'burst.cause':
    '"Brute force" is an attack tool that is generally used in web attacks to obtain the authentication information of an application system. The process is to use a large number of authentication information in the authentication interface to try to log in until the correct result is obtained. To increase efficiency, brute force cracking is generally automated using tools with dictionaries. In theory, most systems can be brute-force cracked as long as the attacker has enough computing power and time, so the conditions for determining whether a system is vulnerable to brute-force cracking are not absolute. When we say that a web application has a brute-force vulnerability, we generally mean that the web application does not use or adopts a relatively weak authentication security policy, resulting in a higher "likelihood" of brute-force cracking.',
  'burst.solutions.1':
    'The user level is to avoid using weak passwords, and the server side can limit the minimum length of user passwords.',
  'burst.solutions.2':
    'Set the login threshold and lock the account once the set threshold is exceeded.',
  'burst.solutions.3':
    'Use CAPTCHA for authentication during login to prevent brute force hacking by automated scripts.',

  'burst.normal.tips': 'Try to find the dictionary for traversal blasting by going online!',
  'burst.delay.tips': 'Just send the request with a delay, it has no threshold!',
  'burst.limit.tips': 'Set the login limit number can effectively prevent the blasting.',
};
